Malware Protection

[DoDoSlav123]

dekuji:-)




Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: Hitachi_HTS543232L9A300 rev.FB4OC40C -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

device: opened successfully
user: MBR read successfully
kernel: MBR read successfully
user & kernel MBR OK

[DoDoSlav123]

tady mi jeste udelal log Defogger:-)

defogger_disable by jpshortstuff (23.02.10.1)
Log created at 16:18 on 07/06/2011 (Administrator)

Checking for autostart values...
Unable to open HKCU\~\Run key (5)
HKCU\~\Run values retrieved.
HKLM\~\Run values retrieved.

Checking for services/drivers...
SPTD -> Already disabled


-=E.O.F=-

[vyosek]

Kliknete na Start a pote Spustit, pripadne pouzijte klavesou zkratku Win+R

• Vyskoci na Vas okenko, do ktereho zkopirujte text nize

• Kód: Vybrat vše

  "%userprofile%\plocha\mbr" -t -s

• Kliknete na OK
• Na plose se Vam vytvori log s nazvem mbr.txt, jeho obsah mi sem vlozte

[DoDoSlav123]

Stealth MBR rootkit/Mebroot/Sinowal/TDL4 detector 0.4.2 by Gmer, http://www.gmer.net
Windows 5.1.2600 Disk: Hitachi_HTS543232L9A300 rev.FB4OC40C -> Harddisk0\DR0 -> \Device\Ide\IdeDeviceP0T0L0-3

device: opened successfully
user: MBR read successfully

Disk trace:
called modules: ntoskrnl.exe CLASSPNP.SYS disk.sys atapi.sys hal.dll pciide.sys
1 nt!IofCallDriver[0x804E19BC] -> \Device\Harddisk0\DR0[0x8A688AB8]
3 CLASSPNP[0xF763805B] -> nt!IofCallDriver[0x804E19BC] -> \Device\Ide\IdeDeviceP0T0L0-3[0x8A68AD98]
kernel: MBR read successfully
_asm { XOR AX, AX; MOV SS, AX; MOV SP, 0x7c00; STI ; PUSH AX; POP ES; PUSH AX; POP DS; CLD ; MOV SI, 0x7c1b; MOV DI, 0x61b; PUSH AX; PUSH DI; MOV CX, 0x1e5; REP MOVSB ; RETF ; MOV BP, 0x7be; MOV CL, 0x4; CMP [BP+0x0], CH; JL 0x2e; JNZ 0x3a; }
user & kernel MBR OK

[vyosek]

OK, log je cisty

[DoDoSlav123]

dekuji za pomoc .... akorad se mi porad zobrazuje ikona Malwaru na plose ,ale uz se sam neotvira a neblokuje programy...
btw: vsechny operace vami napsane jsme provadel v nouzovem rezimu prihlaseny za administratora...

dekuji..

[vyosek]

Tak jeste uklidime

OTC http://oldtimer.geekstogo.com/OTC.exe

• Stahnete a spustte
• Kliknete na CleanUp a potvrdte YES
• Program uklidi a restartuje PC

TFC http://oldtimer.geekstogo.com/TFC.exe

• Stahnete a spustte
• Kliknete na Start a potvrdte OK
• Program uklidi a restartuje pc
• Po pouziti utilitu smazte

Stahnete Ccleaner (viz muj podpis)
Panel čistič

• Vse nechte jak je, jen dejte Analyzovat a pote Spustit CCleaner

Panel registry

• dejte Hledej problémy
• nasledne Opravit problémy - zalohu registru doporucuji udelat, opravte vsechny problemy
• postup opakujte dokud nebude bez problemu - vetsinou cca 3x

Panel nástroje

• Zde muzete odinstalovat nepotrebne programy

CCleaner doporucuji pouzivat cca jednou za 14 dni

Prihlaste se do bezneho rezimu a napiste co PC

[DoDoSlav123]

dekuji mnohokrate za pomoc PC se zda byti v poradku

[vyosek]

I za kolegu, nemate zac